Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Riskable writes "Remember that $200,000 Contest For a Better Open-WRT Wireless Router GUI? Today Ubiquiti posted the winning entries to their support wiki. The grand prize was a tie between PyCI (written by yours truly) and NETSHe with OpenNET as the runner up. Source code and firmware images for each entry are available for download on their respective wiki pages. I'll be setting up a project page for PyCI (and l2sh) soon to make it a participatory open source product. Even if you don't have a RouterStation, or don't care about OpenWRT, there are numerous Python modules and tools inside of PyCI that could prove useful to other open source projects (e.g. iptables.py can read/interpret over 400 permutations of the iptables command). I'll also be checking the comments if anyone has any questions for me about PyCI or the contest in general. BTW: I'd like to thank all the commenters in the original article that insinuated that the technical requirements were impossible and/or that making a GUI to configure such complex things is a waste of time. I read every one and I wouldn't have made it such an obsession otherwise!"

I appreciate this comment (thanks) but I thought I should mention that I'm not a programmer by trade. I'm actually a Systems Administrator/Security Consultant (CISSP, former PCI QSA). I taught myself Python two years ago and only just recently (within the past year or so) started programming real applications with it. Before that I never wrote anything except for shell scripts. So when I started this contest six months ago I had no idea how to write a web-based application from scratch let alone a conte

"I'd like to thank all the commenters in the original article that insinuated that the technical requirements were impossible and/or that making a GUI to configure such complex things is a waste of time. I read every one and I wouldn't have made it such an obsession otherwise!""

Seriously, when will we realize that the best User Interface is a 3D environment individuals can navigate as easily as the world around us. Just make a quake, darkforces, or HL mod, pull in dynamic data that any web interface can provide, and have the guns change variables in a fun interactive way. Fine fine, use more recent games or engines, but you get my point?

...Because that isn't the best UI? I find myself in real life wishing that it had an easy to use UI like a computer sometimes. Plus navigation in the real world is tiring and time consuming. For example in the "real world" you find things in a file cabinet, that is a lot harder than just CTRL+F and the filename. A basic GUI is much better than a "real world" environment. It also doesn't need a high-powered graphics card and an up to date CPU.

You know, my winning entry has a Quake-style drop-down console window. Hit the ESC key on any page in PyCI and it will bring down the terminal just like in Quake and Half-Life (in this case, running the ash shell). I would've used the tilda key but that might actually be used in an input element somewhere.

I know your post was in jest but PyCI actually does include some elements from a first-person shooter!

Oh come on, *every* advanced configuration interface includes the ability to shoot yourself in the foot! I even had a debate in the contest forum about whether or not I should add a timeout to the page that allows you to reboot your router: If the router didn't come back up after 5 minutes it would ask you if you've updated your resume recently.

Sadly due to time constraints I never got to implement that feature =)

FYI: PyCI runs in "God mode" by default but this behavior can be changed.

And you mean, the ESC key is *not* used?? LOL. How do you cancel things then? Especially those that have no cancel button. Like a dropdown or menu. I hope you did not make a mouse-only GUI. That would be *nasty*. ^^

PyCI checks to make sure that no input element is currently selected before it drops down the terminal. So if you just clicked on a drop-down menu and hit ESC you'd get the expected behavior. Press ESC again and you get the terminal window.

So yeah, I already thought of that and took care of it. The only place where it actually overrides standard behavior is with jQuery-UI dialogs. By default the ESC key closes the dialog but PyCI overrides that feature. It isn't a big deal though... Just hit tab until

Seriously, when will we realize that the best User Interface is a 3D environment individuals can navigate as easily as the world around us. Just make a quake, darkforces, or HL mod, pull in dynamic data that any web interface can provide, and have the guns change variables in a fun interactive way. Fine fine, use more recent games or engines, but you get my point?

Agreed - Once you've used a tool like psdoom [unm.edu] to terminate a runaway browser process, there's no going back. It's only natural that the killing of processes should be represented as killing in the user interface! I'm just waiting for the VR helmet or at least some head tracking. Using a keyboard in the course of system administration is so... artificial.

Yo I'm really glad for you and imma let you finish, but your links have the least screenshots of all time, of all time!

All things considered, this is a very strong point.

Three of the links to the winners,

http://www.ubnt.com/wiki/index.php/RouterStationChallenge_PyCI#Links_and_Author_Contact_Information -has no homepagehttp://www.ubnt.com/wiki/index.php/RouterStationChallenge_NETSHe#Links_and_Author_Contact_Information -links to http://netshe.stasoft.net/ , which is DOAhttp://www.ubnt.com/wiki/index.php/RouterStationChallenge_OpenNET -links to http://opennet.ie/ , which is DOA.

I thought I had this in the docs somewhere but I'm not seeing it. Anyway... PyCI requires that python 2.6+ be installed along with pyOpenSSL (an ipk for which is included in the PyCI source package). The packages and dependencies add up to the following:

Well, in open source, if there are two good projects and you leave one out, chances are the developers who favored that will either fork it or simply stop coding for you. If its 50-50 you are risking over half your coders which on most OSS projects, they can't afford to do that.

What's the reasoning (in general) behind more coders is necessarily better for the project in Open Source? For something like wikipedia, where it does not need to compile as a whole, and the parts are loosely coupled, I could see scaling of productivity or quality with numbers. If more is better, why do the biggest projects choose to funnel their development through their respective Alan Cox counterparts?

I won't comment on the other entries since I haven't played around with them yet but I will say this: The primary advantage PyCI has over, say, LuCI, Tomato, DD-WRT, and X-WRT is that configuration screens in PyCI are infinitely configurable. When I say, "inifinitely configurable" I mean that all forms that can be dynamic are dynamic. For example, in Tomato and LuCI if you want to configure DNS you get two fields to enter that information (primary and secondary). In PyCI you can add as many as you want. There's examples of this all over the spectrum of configurable options.

Also, PyCI supports many features that the existing interfaces do not which is sort of the whole point of the contest. As another example, PyCI doesn't just let you configure firewall rules. It lets you configure your firewall rules and then see exactly which iptables command will be executed as the result of your changes.

My personal favorite unique feature of PyCI is the quake-style terminal. Even if PyCI doesn't have a configuration interface for something you can always just hit the ESC key to pull down a full terminal just as if you SSH'd into your router. It even works with full-screen apps like vi. I wrote a standalone version of it called Escape From The Web that can be downloaded here [launchpad.net]. It uses the Tornado framework instead of CherryPy (among some other differences) but from the user's perspective it is pretty much the same.

There's a whole lot of stuff included with PyCI that isn't covered in detail in the wiki. I plan to put up a downloadable x86 Qemu image with PyCI pre-installed for people to play with soon.

I'm currently running OpenWRT+Gargoyle on my linksys wrt54g. The reason I picked OpenWRT and Gargoyle was that at the time they seemed to be pretty much the only options if you wanted a fully free-as-in-speech OS and interface on your router. However, Gargoyle is pretty feature-poor.

From a cursory look at the links, I'm still left with some questions. (1) Are these systems really usable and debugged at this point, or are they just proof-of-concept mockups, or early alphas or something? (2) I don't know what RouterStation is, or what Ubiquiti is. Are these general-purpose interfaces that could run on my linksys hardware, or are they specialized to certain hardware?

You can actually run PyCI on any old Linux box with Python 2.6+ installed. A lot of the configuration screens won't be useful if it isn't OpenWRT though (pretty much all the network configuration screens won't work but Users and Groups configuration will work great =). So to answer your question: Yes, it'll run on any OpenWRT host with one caveat: You need enough space for the requirements.

PyCI requires Python 2.6 (more than just python-mini) which itself requires libopenssl which is over a megabyte. I forget the exact sizes but your OpenWRT router will probably need 8MB of flash ROM at a bare minimum. You can get around this requirement by using external storage (PyCI doesn't care where it's installed) and loading Python + PyCI there.

There's ipk files for PyCI, pyOpenSSL, and l2sh in the PyCI zip file on the wiki. The rule of thumb is this: If you can "opkg install python" with ~1MB free afterwards you can install and use PyCI.

For reference, I have plans in the future to fork PyCI into a more generic web-based administration tool more akin to webmin that works with more distributions than just OpenWRT. The necessary framework is already there and many plugins can already c

I think this looks great. Thanks to ubiquity for sponsoring this and thank you for creating such an excellent solution.

A couple of questions about the requirements. Isn't libopenssl a general requirement of openwrt rather then a requirement of PyCl itself? I don't know openWRT too well but was under the impression that openSSL was central to any secure networking functionality in Linux.

Also, why do you require pyOpenSSL? I thought that open SSL support was part of the Python standard library as of Pytho

libopenssl isn't a general requirement of OpenWRT because all the default web-based interfaces (LuCI, X-WRT, etc) don't use SSL (not by default anyway). I suspect the reason for this is precisely because libopenssl is so large (from an embedded perspective).

PyCI requires the pyOpenSSL package because PyCI was built using the CherryPy framework [cherrypy.org] which currently uses that module for SSL capability. The next release (3.2) will support the regular Python SSL implementation and I plan to get rid of the pyOpenSS

The RouterStation is much more powerful than your typical WRT54g but PyCI doesn't require a super-fast processor or huge amounts of RAM. On a RouterStation with 64MB of RAM PyCI takes up about 27% according to top. This will be reduced significantly in the future as I optimize things (the contest didn't give me much time to do that). Also, I'm pondering porting the whole thing from CherryPy + Mako to the Tornado framework which would speed things up and reduce the memory footprint considerably.

I have an Asus 520GU running OpenWRT. The current limitation is you have a choice of running the 2.4 kernel and getting wifi but there are some USB issues (although USB is working fine for me - YMMV), or the 2.6 kernel and getting no wifi.

Apparently the closed braodcom driver has now been reverse engineered for 2.6, but it isn't yet in the main branch so you have to do your own build and patch of the kernel.

Ubiquiti's hardware is a bit of overkill for Joe's use(considerably nicer than your basic $30-$50 router; but costs rather more); This software, though, runs on top of OpenWRT on pretty much any router that has the flash space for it.

OpenWRT runs an a large number of routers, including many of the common(or at least easily available) consumer level devices. Assuming average Joe actually cares about his router interface at all, he should find these packages quite useful.

Average joe is not going to be installing a custom OS firmware on his "intanet box"

Then Average Joe is going to pay way too much for too little access for the Internet.

My friend has been trying to work with his Cable company to get streaming content and they are refusing to open up the upstream bandwidth so that the content will stream successfully. He even decided to pay the extra protection more bandwidth fee to increase his tier of service to their highest available tier.

The service he is paying over $50 per month for markets up to 16000Kbps downstream and 2000Kbps upstream!

I told him he was a fool. They first tried to blame his firewall/router and the DD-WRT software as the limiting

Which entry are you claiming was produced by Ubiquiti? It looks to me like none of the three winning entries are from them. PyCI is by Dan McDougall, NETSHe is by Stanislav Korsakov, and OpenNET is by Derek Conniffe Hazel Lodge. I don't seen any obvious evidence that any of them work for Ubiquiti.

The contest was for firmware images that can specifically run on Ubiquiti's RouterStation and RouterStation Pro products. However, you'll be happy to know that I included instructions [ubnt.com] on how to build your own firmware for any given platform/device. It really isn't that hard but it does take a while to compile (can take a few hours even on fairly modern systems).

I recommend you just grab the latest OpenWRT trunk release via svn (instructions at dev.openwrt.org) and copy the PyCI-OpenWRT-trunk.config file f

I just was responsible for setting up routing for a microwave network between three college campuses on separate islands. The inter-island links used Motorola (formerly Orthogon) PTP600 radios. I used six ImageStream Rebel routers (which run Linux) for the moderately high performance routing, and four Linksys WRT54GL routers running OpenWRT for less performance-critical areas. I specified the WRT54GL because it is quite inexpensive, but it also has barely enough flash memory to do what was required. If

I don't care if it was mentioned on the site. It's an article, not a conversation with my neighbor. What's the point of making this a question, when it's pointless answering it? After all, the article can't hear my answer. And what's with the total cheesiness of it all?

I wish I could buy a Open Source router that had more than two routable interfaces. If I need four, I basically have to go Cisco...why why why?
(I actually need an eight-interface router right now for a rugged field deployment...it appears that only Cisco closed-source fits the toughness bill

can't openwrt do vlans? Get a switch that supports setting each port to a particular vlan, have one port go to the router and let the router, um, route the traffic as needed. Use a Gigabit interface so there isn't a bottleneck at the router.

The RouterStation and RouterStation Pro have 3 mini-PCI slots. You can use those to hook up ethernet adapters. I'm pretty sure you can get mini-PCI cards with breakout panels supporting 6 or more ports. I couldn't give you a specific product to use though.

At the very least I know there's dual-port mini-pci cards out there (gigabit, even). So you could add 4 ports with two cards and still have a slot left for a wireless card.